From 26bc22297811ba2d0e37b512516a86474689d879 Mon Sep 17 00:00:00 2001
From: kjaniak <kornel.janiak@nokia.com>
Date: Fri, 11 Oct 2019 07:23:59 +0200
Subject: Add SSL support to cloud performance tests

Change-Id: Ie0a6341592efe3bfe3e386c01026600d16110cef
Signed-off-by: kjaniak <kornel.janiak@nokia.com>
Issue-ID: DCAEGEN2-1827
---
 .../cloud/cloud-based-performance-test.sh          | 38 +++++++++++++++-
 .../grafana/dashboards/performance-tests.yaml      |  4 +-
 tools/performance/cloud/producer-pod.yaml          | 22 +++++++++-
 tools/performance/cloud/prometheus-config-map.yaml | 51 ----------------------
 .../cloud/prometheus/prometheus-config-map.yaml    | 51 ++++++++++++++++++++++
 tools/performance/cloud/test.properties            |  5 ++-
 6 files changed, 114 insertions(+), 57 deletions(-)
 delete mode 100644 tools/performance/cloud/prometheus-config-map.yaml
 create mode 100644 tools/performance/cloud/prometheus/prometheus-config-map.yaml

(limited to 'tools/performance')

diff --git a/tools/performance/cloud/cloud-based-performance-test.sh b/tools/performance/cloud/cloud-based-performance-test.sh
index 937dcf3e..31299cc0 100755
--- a/tools/performance/cloud/cloud-based-performance-test.sh
+++ b/tools/performance/cloud/cloud-based-performance-test.sh
@@ -33,6 +33,8 @@ ONAP_NAMESPACE=onap
 MAXIMUM_BACK_OFF_CHECK_ITERATIONS=30
 CHECK_NUMBER=0
 NAME_REASON_PATTERN="custom-columns=NAME:.metadata.name,REASON:.status.containerStatuses[].state.waiting.reason"
+HVVES_POD_NAME=$(kubectl -n ${ONAP_NAMESPACE} get pods --no-headers=true -o custom-columns=:metadata.name | grep hv-ves-collector)
+HVVES_CERT_PATH=/etc/ves-hv/ssl/
 
 function clean() {
     echo "Cleaning up environment"
@@ -64,9 +66,23 @@ function clean() {
     echo "Attempting to delete producer pods"
     kubectl delete pods -l app=${PRODUCER_APPS_LABEL} -n ${ONAP_NAMESPACE}
 
+    echo "Attempting to delete client certs secret"
+    kubectl delete secret cert -n ${ONAP_NAMESPACE}
+
     echo "Environment clean up finished!"
 }
 
+function copy_certs_to_hvves() {
+	 cd ../../ssl
+	 echo "Creating cert directory: ${HVVES_CERT_PATH}"
+	 kubectl exec ${HVVES_POD_NAME} mkdir ${HVVES_CERT_PATH} -n ${ONAP_NAMESPACE}
+	 for file in {trust.p12,trust.pass,server.p12,server.pass}
+	 do
+       echo "Copying file: ${file}"
+       kubectl cp ${file} ${ONAP_NAMESPACE}/${HVVES_POD_NAME}:${HVVES_CERT_PATH}
+   done
+}
+
 function create_producers() {
     set -e
     for i in $(seq 1 ${CONTAINERS_COUNT});
@@ -78,10 +94,17 @@ function create_producers() {
     set +e
 }
 
+function generate_certs() {
+    echo "Generation of certs"
+    cd ../../ssl
+    ./gen-certs.sh
+}
+
 function usage() {
     echo ""
     echo "Run cloud based HV-VES performance test"
-    echo "Usage $0 setup|start|clean|help"
+    echo "Usage $0 gen_certs|setup|start|clean|help"
+    echo "  gen_certs: generate certs in ../../ssl directory"
     echo "  setup    : set up ConfigMap and consumers"
     echo "  start    : create producers - start the performance test"
     echo "    Optional parameters:"
@@ -90,6 +113,7 @@ function usage() {
     echo "  clean    : remove ConfigMap, HV-VES consumers and producers"
     echo "  help     : print usage"
     echo "Example invocations:"
+    echo "./cloud-based-performance-test.sh gen_certs"
     echo "./cloud-based-performance-test.sh setup"
     echo "./cloud-based-performance-test.sh start"
     echo "./cloud-based-performance-test.sh start --containers 10"
@@ -100,6 +124,13 @@ function usage() {
 
 function setup_environment() {
     echo "Setting up environment"
+    echo "Copying certs to hv-ves pod"
+    copy_certs_to_hvves
+
+    echo "Creating secrets with clients cert"
+    kubectl create secret generic cert --from-file=./client.p12 --from-file=./client.pass -n ${ONAP_NAMESPACE}
+    cd ${SCRIPT_DIRECTORY}
+
     echo "Creating test properties ConfigMap from: $PROPERTIES_FILE"
     kubectl create configmap ${CONFIG_MAP_NAME} --from-env-file=${PROPERTIES_FILE} -n ${ONAP_NAMESPACE}
 
@@ -107,7 +138,7 @@ function setup_environment() {
     kubectl apply -f consumer-deployment.yaml
 
     echo "Creating ConfigMap for prometheus deployment"
-    kubectl apply -f prometheus-config-map.yaml
+    kubectl apply -f prometheus/prometheus-config-map.yaml
 
     echo "Creating prometheus deployment"
     kubectl apply -f prometheus-deployment.yaml
@@ -178,6 +209,9 @@ else
     for arg in ${@}
     do
         case ${arg} in
+            gen_certs)
+            generate_certs
+            ;;
             setup)
             setup_environment
             ;;
diff --git a/tools/performance/cloud/grafana/dashboards/performance-tests.yaml b/tools/performance/cloud/grafana/dashboards/performance-tests.yaml
index 24626b7a..9ee405e4 100644
--- a/tools/performance/cloud/grafana/dashboards/performance-tests.yaml
+++ b/tools/performance/cloud/grafana/dashboards/performance-tests.yaml
@@ -42,7 +42,7 @@ data:
       "editable": true,
       "gnetId": null,
       "graphTooltip": 0,
-      "iteration": 1570533687099,
+      "iteration": 1570772689346,
       "links": [],
       "panels": [
         {
@@ -484,7 +484,7 @@ data:
           },
           "yaxes": [
             {
-              "format": "s",
+              "format": "ns",
               "label": null,
               "logBase": 1,
               "max": null,
diff --git a/tools/performance/cloud/producer-pod.yaml b/tools/performance/cloud/producer-pod.yaml
index 9381b582..5b41c4e0 100755
--- a/tools/performance/cloud/producer-pod.yaml
+++ b/tools/performance/cloud/producer-pod.yaml
@@ -27,6 +27,10 @@ spec:
   containers:
     - name: hv-collector-producer
       image: the-a-team-registry-local.esisoj70.emea.nsn-net.net/onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-go-client:latest
+      volumeMounts:
+        - name: ssl-certs
+          mountPath: /ssl
+          readOnly: true
       env:
         - name: HV_VES_ADDRESS
           valueFrom:
@@ -53,9 +57,25 @@ spec:
             configMapKeyRef:
               name: performance-test-config
               key: producer.client.count
+        - name: CERT_FILE
+          valueFrom:
+            configMapKeyRef:
+              name: performance-test-config
+              key: client.cert.path
+        - name: CERT_PASS_FILE
+          valueFrom:
+            configMapKeyRef:
+              name: performance-test-config
+              key: client.cert.pass.path
       args: ["--address", "$(HV_VES_ADDRESS)",
              "--clients", "$(CLIENTS_PER_CONTAINER)",
              "--msgsize", "$(MSG_SIZE)",
              "--msgcount", "$(MSG_COUNT)",
-             "--intervalms", "$(INTERVAL_MS)"]
+             "--intervalms", "$(INTERVAL_MS)",
+             "--certfile", "$(CERT_FILE)",
+             "--certpass", "$(CERT_PASS_FILE)"]
+  volumes:
+    - name: ssl-certs
+      secret:
+        secretName: cert
   restartPolicy: Never
\ No newline at end of file
diff --git a/tools/performance/cloud/prometheus-config-map.yaml b/tools/performance/cloud/prometheus-config-map.yaml
deleted file mode 100644
index a07bc336..00000000
--- a/tools/performance/cloud/prometheus-config-map.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-# ============LICENSE_START=======================================================
-# dcaegen2-collectors-veshv
-# ================================================================================
-# Copyright (C) 2019 NOKIA
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: prometheus-server-conf
-  labels:
-    name: prometheus-server-conf
-  namespace: onap
-data:
-  prometheus.yml: |-
-    global:
-      scrape_interval: 5s
-      external_labels:
-        monitor: 'my-monitor'
-
-    scrape_configs:
-      - job_name: 'prometheus'
-        static_configs:
-          - targets: ['localhost:9090']
-
-      - job_name: 'kafka-processing-consumer'
-        metrics_path: '/monitoring/prometheus'
-        static_configs:
-          - targets: ['kafka-processing-consumer.onap:6063']
-
-      - job_name: 'kafka-offset-consumer'
-        metrics_path: '/monitoring/prometheus'
-        static_configs:
-          - targets: ['kafka-counting-consumer.onap:6062']
-
-      - job_name: 'ves-hv-collector'
-        metrics_path: '/monitoring/prometheus'
-        static_configs:
-          - targets: ['dcae-hv-ves-collector.onap:6060']
diff --git a/tools/performance/cloud/prometheus/prometheus-config-map.yaml b/tools/performance/cloud/prometheus/prometheus-config-map.yaml
new file mode 100644
index 00000000..a07bc336
--- /dev/null
+++ b/tools/performance/cloud/prometheus/prometheus-config-map.yaml
@@ -0,0 +1,51 @@
+# ============LICENSE_START=======================================================
+# dcaegen2-collectors-veshv
+# ================================================================================
+# Copyright (C) 2019 NOKIA
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-server-conf
+  labels:
+    name: prometheus-server-conf
+  namespace: onap
+data:
+  prometheus.yml: |-
+    global:
+      scrape_interval: 5s
+      external_labels:
+        monitor: 'my-monitor'
+
+    scrape_configs:
+      - job_name: 'prometheus'
+        static_configs:
+          - targets: ['localhost:9090']
+
+      - job_name: 'kafka-processing-consumer'
+        metrics_path: '/monitoring/prometheus'
+        static_configs:
+          - targets: ['kafka-processing-consumer.onap:6063']
+
+      - job_name: 'kafka-offset-consumer'
+        metrics_path: '/monitoring/prometheus'
+        static_configs:
+          - targets: ['kafka-counting-consumer.onap:6062']
+
+      - job_name: 'ves-hv-collector'
+        metrics_path: '/monitoring/prometheus'
+        static_configs:
+          - targets: ['dcae-hv-ves-collector.onap:6060']
diff --git a/tools/performance/cloud/test.properties b/tools/performance/cloud/test.properties
index 092c51cf..53a38e23 100644
--- a/tools/performance/cloud/test.properties
+++ b/tools/performance/cloud/test.properties
@@ -10,7 +10,10 @@ producer.message.size=16384
 producer.message.count=1000
 # Interval between messages in milliseconds
 producer.message.interval=1
-
+# Path to client cert file
+client.cert.path=/ssl/client.p12
+# Path to cert pass file
+client.cert.pass.path=/ssl/client.pass
 # CONSUMER CONFIGURATION
 
 # Addresses of Kafka services to consume from
-- 
cgit 1.2.3-korg